Description
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVE-2025-31100 is potentially a duplicate of this.
Published: 2025-08-16
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Now
AI Analysis

Impact

The School Management System for WordPress plugin is vulnerable to arbitrary file uploads because its homework.php routine does not enforce file type validation in any release up to and including 93.2.0. An authenticated user with Student-level access or higher can upload any file to the server, including executable scripts that can subsequently be executed, allowing an attacker to take control of the web application or host. The CVE description indicates that remote code execution is possible once a malicious file is uploaded, and the potential duplication with CVE-2025-31100 suggests this flaw is significant. The absence of file type checks makes the upload mechanism a direct attack vector.

Affected Systems

All WordPress sites running the dasinfomedia School Management System for WordPress plugin version 93.2.0 or earlier are affected. The plugin is a WordPress extension for managing school data, and any site that uses this plugin and has students or higher role capabilities is potentially vulnerable.

Risk and Exploitability

With a CVSS score of 8.8, this issue is classified as high severity, yet the EPSS score indicates that exploitation probability is very low (<1%). It is not listed in the CISA KEV catalog, implying no publicly known exploits at this time. The attack requires a valid authenticated session with at least Student privileges, a fairly low barrier on sites that leak credentials or have compromised accounts. Once such a session is achieved, the attacker can upload malicious files, potentially achieving remote code execution or other privileged actions.

Generated by OpenCVE AI on April 20, 2026 at 22:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the School Management System for WordPress plugin to a release newer than 93.2.0 once it becomes available.
  • If a fix is not yet released, use a security plugin to block uploads of PHP and other executable file types in the homework module, effectively disabling the vulnerable upload path.
  • Reconfigure the upload directory’s file system permissions to prevent execution of newly uploaded files, ensuring that only static assets can be stored there.
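
A check to pair with the recommendations above, as an added example (not code from OpenCVE or the plugin vendor): it audits an upload directory for files that a PHP handler could execute. The extension list, function names and sample tree are assumptions constructed for illustration; point `audit_uploads` at the site's real upload directory, which this page does not name.

```python
import os
import tempfile

# Extensions commonly mapped to a PHP handler (assumption: adjust to the server's config).
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht"}
PHP_MARKER = b"<?php"

def classify(path):
    """Return a reason if the file looks server-executable, else None.

    Checks every dot-separated name part (case-insensitive), then, as a
    heuristic, looks for a PHP open tag in the first 8 KiB of content.
    """
    name = os.path.basename(path).lower().rstrip(". ")
    if any(part in SCRIPT_EXTS for part in name.split(".")[1:]):
        return "script-extension"
    try:
        with open(path, "rb") as fh:
            head = fh.read(8192)
    except OSError:
        return "unreadable"
    if PHP_MARKER in head:
        return "php-open-tag-in-content"
    return None

def audit_uploads(root):
    """Walk root and return sorted (relative_path, reason) pairs for flagged files."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            reason = classify(full)
            if reason:
                findings.append((os.path.relpath(full, root), reason))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample data: inert placeholder files that exercise each rule."""
    samples = {
        "essay.pdf": b"%PDF-1.4 constructed sample",
        "worksheet.PhP": b"plain text placeholder",
        "photo.php.jpg": b"\xff\xd8\xff constructed sample",
        "scan.png": b"\x89PNG <?php /* placeholder */",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_uploads(tmp):
            print(f"{reason:24} {rel}")
```

Any finding in a directory that should hold only submitted documents warrants review of the file and of the account that uploaded it.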

Advisories
Source: EUVD
ID: EUVD-2025-25059
Title: The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

History

Wed, 08 Apr 2026 18:30:00 +0000

Type: Description
Values Removed: The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Values Added: The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVE-2025-31100 is potentially a duplicate of this.

Mon, 18 Aug 2025 14:15:00 +0000

Type: Metrics
Values Added: ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 16 Aug 2025 03:45:00 +0000

Type: Description
Values Added: The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Type: Title
Values Added: School Management System <= 93.2.0 - Authenticated (Student+) Arbitrary File Upload
Type: Weaknesses
Values Added: CWE-434
Type: References
Type: Metrics
Values Added: cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:26:51.889Z

Reserved: 2025-06-13T16:24:31.114Z

Link: CVE-2025-6079

Vulnrichment

Updated: 2025-08-18T13:18:43.718Z

NVD

Status: Deferred

Published: 2025-08-16T04:15:58.620

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-6079

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T22:15:06Z

Weaknesses